docs/releasenotes.html
11 lines changed: 11 additions & 0 deletions
@@ -24,18 +24,29 @@ <h2>2.0 Release History</h2>
24
24
<h3>2.1.2 Defects Fixed</h3>
25
25
<ul>
26
26
<li>Issues with a dangling weak reference causing intermittent NullPointerExceptions in the OcspCache have been fixed.</li>
27
+
<li>Issues with non-constant time RSA operations in TLS handshakes have been fixed.</li>
28
+
<li>Issue with Ed25519, Ed448 signature verification causing intermittent infinite loop have been fixed.</li>
29
+
<li>Issues with non-constant time ML-KEM implementation ("Kyber Slash") have been fixed.</li>
30
+
<li>Align ML-KEM input validation with FIPS 203 IPD requirements.</li>
31
+
<li>Make PEM parsing more forgiving of whitespace to align with RFC 7468 - Textual Encodings of PKIX, PKCS, and CMS Structures.</li>
27
32
</ul>
28
33
<h3>2.1.3 Additional Features and Functionality</h3>
29
34
<ul>
30
35
<li>An implementation of MLS (RFC 9420 - The Messaging Layer Security Protocol) has been added as a new module.</li>
31
36
<li>NTRU now supports NTRU-HPS4096-1229 and NTRU-HRSS-1373.</li>
37
+
<li>Improvements to PGP support, including Curve25519, Curve448 key types.</li>
38
+
<li>Add initial support for ML-KEM in TLS.</li>
39
+
<li>Add XWing hybrid KEM construction (X25519 + ML-KEM-768).</li>
40
+
<li>Introduce initial KEMSpi support (NTRU, SNTRU Prime) for JDK 21+.</li>
41
+
<li>Introduce initial composite signature support for X509 Certificates.</li>
32
42
</ul>
33
43
<h3>2.1.4 Notes.</h3>
34
44
<ul>
35
45
<li>Both versions of NTRUPrime have been updated to produce 256 bit secrets in line with Kyber. This should also bring them into line with other implementations such as those used in OpenSSH now.</li>
36
46
<li>BCJSSE: The boolean system property 'org.bouncycastle.jsse.fips.allowRSAKeyExchange" now defaults to false. All RSA
37
47
key exchange cipher suites will therefore be disabled when the BCJSSE provider is used in FIPS mode, unless this system
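Review bot: The added list items in the 2.1.2 and 2.1.3 sections do not match the voice of the entries around them: the existing items are completed statements ("have been fixed", "has been added"), while the new ones switch to imperatives ("Align ML-KEM input validation with FIPS 203 IPD requirements.", "Add initial support for ML-KEM in TLS.", "Introduce initial KEMSpi support ..."), and the Ed25519/Ed448 entry has a number disagreement ("Issue with ... have been fixed"). Suggest rewording to match, for example "ML-KEM input validation has been aligned with the FIPS 203 IPD requirements." and "Issues with Ed25519 and Ed448 signature verification causing an intermittent infinite loop have been fixed." Separately, three of the added 2.1.2 entries describe security-relevant fixes (non-constant-time RSA operations in TLS handshakes, the Ed25519/Ed448 infinite loop, and the non-constant-time ML-KEM "Kyber Slash" fix); if an advisory, issue number or CVE identifier exists for any of them, the release note is the place to reference it so readers can judge their exposure before upgrading. The unchanged context line for the BCJSSE property also has mismatched quotes around the property name ('org.bouncycastle.jsse.fips.allowRSAKeyExchange"), which this change could tidy while touching the file.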